home

kandouing.com

WHOIS PRIVACY PROTECTION SERVICE, INC.  (Proxy Registrant)

Domain Information

The domain kandouing.com is registered by proxy through ENOM, INC. and was originally registered in March of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Wilmington, Delaware within the United States which resides on the Black Lotus Communications network.
Registrar:
ENOM, INC.

Server location:
Delaware, United States (US)

Create date:
Monday, March 24, 2014

Expires date:
Friday, March 24, 2017

Updated date:
Friday, March 25, 2016

ASN:
AS32421 BLCC - Black Lotus Communications

Whois:
3 kandouing.com records

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.PaymentsInteractiveSL.E, PUP.Tuguu.PaymentsInteractive.Bundler (M), PUP.Tuguu.Clovermedia.Bundler (M), PUP.Tuguu.Payments.Bundler (M), PUP.Tuguu.Cloverme.Bundler (M), PUP.Tuguu (M)
96.30%

MicroWorld eScan
Gen:Variant.Application.Bundler.DomaIQ.3, Dropped:Application.Agent.EI, Dropped:Adware.Bundler.Offer.A
11.11%

McAfee
Adware-DomaIQ!87EAB94F6E66, RDN/Generic.bfr!et, CryptDomaIQ
11.11%

Malwarebytes
PUP.Optional.BundleInstaller.A, PUP.Optional.DomalQ
11.11%

K7 AntiVirus
Unwanted-Program
11.11%

Agnitum Outpost
PUA.DomaIQ
11.11%

avast!
Win32:PUP-gen [PUP], Win32:Rootkit-gen [Rtk]
11.11%

Bitdefender
Gen:Variant.Application.Bundler.DomaIQ.3, Dropped:Application.Agent.EI, Dropped:Adware.Bundler.Offer.A
11.11%

NANO AntiVirus
Trojan.Win32.DomaIQ.ctadmg, Trojan.Win32.DomaIQ.cwydit, Riskware.Win32.Lolipop.cvxwnv
11.11%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DomaIQ.3, Dropped:Application.Agent.EI, Dropped:Adware.Bundler.Offer.A
11.11%

Sophos
DomainIQ pay-per install, Generic PUA IP
11.11%

F-Secure
Adware:W32/DomaIQ, Dropped:Application.Agent.EI
11.11%

Dr.Web
Trojan.DownLoader9.21779, Trojan.Packed.26446, Trojan.DownLoader9.51748
11.11%

VIPRE Antivirus
DomaIQ, Threat.4780044
11.11%

Avira AntiVirus
APPL/DomaIQ.Gen
11.11%

The domain kandouing.com has been seen to resolve to the following 2 IP addresses.

98.124.243.43
February 29, 2016

192.31.186.19
May 1, 2014

File downloads found at URLs served by kandouing.com.

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (0924d012721c068bc2165ddcda53a46f)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (23690332834ca96e30a5c239eee1bcc8)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (4cb00c9683a83c105ed16bb6feb00393)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (b8298a7dac8cc4c812a460e3915d85f0)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (30014f59cefeac7193f3db7ec0b78606)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (f6c1eb66504c17329e1a2a6aaf39e20d)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (687d9a20e1978d0ce39cf9381123d87e)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (d1da6072482b3c02df4cf17cbed3991d)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (91ad32d4eb5b304aac499aade2128a5b)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (fb5afac15b59568a7d5146cc55c0943d)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (b1813b26661637541f094240792f95b2)

2 / 68      (false positives)
http://kandouing.com/.../Java.exe  (wrar420.exe)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (b53d7206cd234591823fe6bb25fc4a12)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (d55bee33b96337515b296f6830ccf167)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (1ee7274350e7cd19f09a7eeef3197ce5)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (e95abfee6f2ad4c212498a9a3f4e5ed2)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (5460168e3b6dd41cc269463bfacfdfe0)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (790df8ac62e2e32710637f09085ce523)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (bedf308b926680ccd62a0e74fa73b780)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (7182a12071ce8eb6a7e1d4ac18f88f61)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (cd9bb9f9c1bd1dbaf77ceb7b5c5bc29e)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (11b09259188efe18c38b802d9f775a08)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (4a4457301e8d196f2869edac50894600)

1 / 68      (Adware)
http://kandouing.com/.../Java.exe  (02be20f1350cc4fd75f86d443d5cac9e)

29 / 68    (Adware)
http://kandouing.com/.../Java.exe  (b24af637cec3015eeecc0d7e0002c09e)

25 / 68    (Adware)
http://kandouing.com/.../Java.exe  (9f2f39cc6c24592726507840353d8ca9)

25 / 68    (Adware)
http://kandouing.com/.../Java.exe  (9e998c630094b7d5f5fa53cf28b451cc)

URL:
http://kandouing.com/

Google Analytics:
UA-2249740

Title:
“Kandouing.com”

Description:
“Find Cash Advance, Debt Consolidation and more at Kandouing.com. Get the best of Insurance or Free Credit Report, browse our section on Cell Phones or learn about Life Insurance. Kandouing.com is the site for Cash Advance.”

07zbu0gt6.com

08i8b4384.com

0g32br5rsg.com

0hnuuf2.com

0j2fxpvon.com

0k8wezr.com

0nosjf31uh.com

0o99hbzi.com

0p78qfr8q7.com

0softwaredreams.com

0uezhjx.com

0vin60f6.com

0x1m8x59b.com

1-vinstaller.com

1000descargas.com

123-telecharger.com

18v3y9y0ob.com

1btvoy0pn.com

1mmkkv2sfi.com

1r2qzosuf.com

1sfrtvms6.com

1tvonline.net

2-vinstaller.com

225bkry1.com

22aaf3.com

27call.com

27q2gqueo.com

29u3wfmjg.com

2k18x8b34s.com

2m891odz.com

30 of 685 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.